SM8 Super administrative and administrative access rights
- We utilise the premium version of LastPass to store and maintain our entity administrative passwords
- Access is available to SM8 and StyleIT (Development provider)
- Both have the ability to reset any one Sm8rtHealth administrator User’s password.
- Super admin password login is subject to the following security criteria identified in the matrix below
All Insurer’s and Sm8rtHealth staff are subject to internal controls including a signed acknowledgement of Confidentiality, their duties and responsibilities with regard access to the SM8 system and our internet policy. See Sm8rtHealth Staff Handbook
ID Login and password controls guideline:
| Details | Administrator | Super Admin |
| Password Strength for new passwords | Password must be at least eight characters in length, containing at least one number and at least one non-alphanumeric character. | Password must be at least eight characters in length, containing at least one number and at least one nonalphanumeric character. |
| Password attempts before account is locked | 3 attempt(s) | 3 attempt(s) |
| Validity of a Password before it expires | 90 day(s) | unlimited |
| New password cannot repeat any of the previous X number of passwords | 10 previous password(s) | 10 previous password(s) |
| After a password has been changed, a user cannot change password until X days have elapsed | 1 day(s) | 1 day(s) |
| An account that is inactive for X minutes will auto log-out | 15 Minutes | 15 Minutes |
| An account which has not been used for X number of days will be inactivated | 30 day(s) | Not applicable |
An account that has been locked out can only be unlocked by the Administrator
